Forum

New Cisco vulnerabilities publically disclosed - demonstration exploit tutorial.

2 posts by 2 authors in: Forums > CWSP - Enterprise Wi-Fi Security
Last Post: July 3, 2018:

By OG150 January 25, 2013

Reply

Hi all.

I discovered a software vulnerability related to Cisco wireless LAN controllers back in June 2012. I immediately reported this to Cisco PSIRT (Product Security Incident Response Team). As of 23rd January 16:00 UTC, Cisco has released a public disclosure. It can be seen here.

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130123-wlc

I have documented a full demonstration of this exploit using my OG150 security drop box. If you are interested go to my website; http://www.og150.com/tutorials.php and download the PDF related to "Razzlerock Hack" - CVE ID CVE-2013-1105. Note: Cisco PSIRT are aware of this publically released document.

If you have any comments please let me know.

Thanks

Darren

Page 1 of 1

1

Success Stories

I literally just came out of the testing centre having taken the CWDP exam. The certification process opened my mind to different techniques and solutions. This knowledge can only broaden your perspective. Great job, CWNP, you have a great thing going on here.
-Darren

Working through the CWNP coursework and certifications helped not only to deepen my technical knowledge and understanding, but also it boosted my confidence. The hard work it took to earn my CWNE has been rewarding in so many ways.
-Ben

I want to commend you and all at CWNP for having a great organization. You really 'raise the bar' on knowing Wi-Fi well. I have learned a ton of information that is helping my job experience and personal career goals, because of my CWAP/CWDP/CWSP studies. Kudos to all at CWNP.
-Glenn